Auth-Blaze is a middleware package for C# .NET applications that enforces zero trust principles by verifying identity, device, and contextual information for every request. Auth-Blaze provides robust security through multi-factor authentication (MFA), IP geolocation restrictions, and token validation for API requests, ensuring that only trusted users and devices gain access.
- Zero Trust Verification: Authenticates identity, device, and request context to enforce zero trust policies.
- Multi-Factor Authentication (MFA): Supports MFA to strengthen user authentication.
- IP Geolocation-Based Restrictions: Limits access based on the user’s geographic location.
- Access Token Validation: Validates access tokens for every API request to confirm authorization.
- Customizable Policies: Easily configure access policies and thresholds for MFA, IP checks, and token validation.
Install Auth-Blaze via NuGet Package Manager Console:
Install-Package Auth-BlazeOr, add it to your .csproj file:
<PackageReference Include="Auth-Blaze" Version="1.0.0" />To begin, initialize Auth-Blaze in your application’s startup file (e.g., Startup.cs) and configure the middleware with your desired zero trust policies.
// Startup.cs
using AuthBlaze;
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthBlaze(options =>
{
options.EnableMFA = true; // Enable Multi-Factor Authentication (MFA)
options.RestrictByGeolocation = true; // Enable IP geolocation-based access restrictions
options.TokenValidation = true; // Validate access tokens for API requests
options.AllowedGeolocations = new List<string> { "US", "DE", "CA" }; // Allowed IP geolocations
});
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseAuthBlaze(); // Enable Auth-Blaze middleware in the request pipeline
}
}Auth-Blaze automatically validates requests based on identity, device, and context. When applied as middleware, it intercepts each request to ensure compliance with zero trust policies before the request reaches application endpoints.
Auth-Blaze triggers MFA checks during login. If MFA is enabled, users are required to complete an additional verification step, such as entering a code from an authenticator app.
// Startup.cs
using AuthBlaze;
public class LoginService
{
private readonly IAuthBlaze _authBlaze;
public LoginService(IAuthBlaze authBlaze)
{
_authBlaze = authBlaze;
}
public async Task<bool> LoginAsync(string username, string password)
{
bool isAuthenticated = await _authBlaze.AuthenticateAsync(username, password);
if (isAuthenticated)
{
bool mfaResult = await _authBlaze.EnforceMFAAsync(username);
return mfaResult;
}
return false;
}
}Auth-Blaze can block access if the user’s IP geolocation does not match the allowed locations configured in the setup.
using AuthBlaze;
public class RequestService
{
private readonly IAuthBlaze _authBlaze;
public RequestService(IAuthBlaze authBlaze)
{
_authBlaze = authBlaze;
}
public void HandleRequest(HttpContext context)
{
if (!_authBlaze.IsGeolocationAllowed(context))
{
// Reject request or return a "403 Forbidden" response
context.Response.StatusCode = 403;
context.Response.WriteAsync("Access denied based on geolocation.");
}
}
}- Multi-Factor Authentication: Strengthens authentication by requiring MFA for sensitive operations.
- IP Geolocation Blocking: Restricts access from specific countries or regions.
- Access Token Validation: Ensures that only authorized requests with valid tokens are processed.
- Contextual Device Verification: Confirms that requests originate from trusted devices, helping to prevent session hijacking.
We welcome contributions! Please open an issue or submit a pull request if you have suggestions or improvements.
This project is licensed under the MIT License - see the LICENSE file for details.
#Contact For questions or feedback, please contact [[email protected]].